VACM


1   /*_############################################################################
2     _## 
3     _##  SNMP4J-Agent - VACM.java  
4     _## 
5     _##  Copyright (C) 2005-2007  Frank Fock (SNMP4J.org)
6     _##  
7     _##  Licensed under the Apache License, Version 2.0 (the "License");
8     _##  you may not use this file except in compliance with the License.
9     _##  You may obtain a copy of the License at
10    _##  
11    _##      http://www.apache.org/licenses/LICENSE-2.0
12    _##  
13    _##  Unless required by applicable law or agreed to in writing, software
14    _##  distributed under the License is distributed on an "AS IS" BASIS,
15    _##  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16    _##  See the License for the specific language governing permissions and
17    _##  limitations under the License.
18    _##  
19    _##########################################################################*/
20  
21  
22  package org.snmp4j.agent.security;
23  
24  import org.snmp4j.smi.OctetString;
25  import org.snmp4j.smi.OID;
26  // for JavaDoc
27  import org.snmp4j.security.SecurityModel;
28  import org.snmp4j.security.SecurityLevel;
29  
30  /**
31   * The View-based Access Control Model interface defines methods and constants
32   * that a contrete implementation of such a model has to implement.
33   * An example of such a concrete implementation is defined by RFC 3415 and
34   * implemented by the VacmMIB class.
35   *
36   * @author Frank Fock
37   * @version 1.0
38   */
39  public interface VACM {
40  
41    int VIEW_NOTIFY = 0;
42    int VIEW_READ = 1;
43    int VIEW_WRITE = 2;
44  
45    int VACM_OK = 0;
46    int VACM_NOT_IN_VIEW  = 1;
47    int VACM_NO_SUCH_VIEW = 2;
48    int VACM_NO_SUCH_CONTEXT = 3;
49    int VACM_NO_GROUP_NAME = 4;
50    int VACM_NO_ACCESS_ENTRY = 5;
51    int VACM_OTHER_ERROR = 6;
52  
53    /**
54     * Checks whether access is allowed in the specified context for the security
55     * name, model, level, and view type for the supplied OID.
56     * @param context
57     *   the context for which access is requested.
58     * @param securityName
59     *   the security name.
60     * @param securityModel
61     *   the security model, see {@link SecurityModel} for possible values.
62     * @param securityLevel
63     *   the security level, see {@link SecurityLevel} for possible values.
64     * @param viewType
65     *   the requested view type, possible values are {@link #VIEW_NOTIFY},
66     *   {@link #VIEW_READ}, and {@link #VIEW_WRITE}.
67     * @param oid
68     *   the OID of the object instance for which access is requested.
69     * @return
70     *   {@link #VACM_OK} if access is granted or one of the VACM errors defined
71     *   by this interface if access is rejected.
72     */
73    int isAccessAllowed(OctetString context,
74                        OctetString securityName,
75                        int securityModel,
76                        int securityLevel,
77                        int viewType,
78                        OID oid);
79  
80    /**
81     * Checks if access is allowed for the given OID within the specified view.
82     * @param viewName
83     *    the name of an existing view, i.e. that has bee retrieved by
84     *    {@link #getViewName} before.
85     * @param oid
86     *   the OID of the object instance for which access is requested.
87     * @return
88     *   {@link #VACM_OK} if access is granted or one of the VACM errors defined
89     *   by this interface if access is rejected.
90     */
91    int isAccessAllowed(OctetString viewName, OID oid);
92  
93    /**
94     * Gets the view name of the view defined by the supplied credentials.
95     * @param context
96     *   the context for which access is requested.
97     * @param securityName
98     *   the security name.
99     * @param securityModel
100    *   the security model, see {@link SecurityModel} for possible values.
101    * @param securityLevel
102    *   the security level, see {@link SecurityLevel} for possible values.
103    * @param viewType
104    *   the requested view type, possible values are {@link #VIEW_NOTIFY},
105    *   {@link #VIEW_READ}, and {@link #VIEW_WRITE}.
106    * @return
107    *    the view name if the credentials can be mapped to an existing view.
108    *    Otherwise, if no such view exists then <code>null</code> is returned.
109    */
110   OctetString getViewName(OctetString context,
111                           OctetString securityName,
112                           int securityModel,
113                           int securityLevel,
114                           int viewType);
115 }
116
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags